A Russian man, Aleksandr Grichishkin, has been sentenced for giving shelter to cybercriminals for years, the Department of Justice announced Wednesday (Dec. 1).
He reportedly provided “bulletproof hosting” services for cybercriminals to send out malware and target financial institutions around the U.S., and has been sentenced to 60 months in prison.
Grichishkin was reportedly a founder of an organization renting internet protocol (IP) addresses, servers and domains to cybercriminal clients. The organization then used the infrastructure to disseminate malware, letting them get into victims’ computers, form botnets and then make off with banking credentials to use in crime.
The malware involved in the attacks included Zeus, SpyEye, Citadel and the Blackhole Exploit Kit. The Blackhole Exploit Kit attacked U.S. companies and financial institutions between 2009 and 2015 and attempted to cause millions of dollars in fraud.
In addition, Grichishkin helped clients avoid getting caught by law enforcement and keep committing crimes through methods like monitoring sites that blacklist tech infrastructure used for crime, moving “flagged” content to other platforms, and registering any such infrastructure under fake identities.
Court filings painted Grichishkin as a founder of the organization who led its day-to-day operations.
He reportedly advertised the organization’s services in cybercrime forums, set pricing, worked with clients looking for infrastructure, hired employees and supervised their work, and oversaw the movement of affected clients’ data to “clean” domains.
PYMNTS reports that federal bank regulatory agencies have approved a final rule to streamline information sharing about cybersecurity threats. The rule could affect the U.S. banking system by requiring a banking organization to notify its primary federal regulator of any kind of large computer security incident as soon as possible.
The agencies will have to file for incidents that “materially affect” the bank’s operations, its ability to deliver products and services, or the overall stability of finances.
Bank service providers will also have to notify customers whenever there’s been a computer security incident for four or more hours.